• Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap
The Hack Post
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health
No Result
View All Result
The Hack Post
No Result
View All Result

Joomla! 3.6.4 Admin TakeOver Exploit is Now Public

Alizaib Hassan by Alizaib Hassan
February 6, 2017
Share on FacebookShare on Twitter

A few days ago, a Joomla exploit has surfaced on the internet affecting the version 3.6.4 by allowing an attacker to take administrative control over the website using the Content Management System (CMS). An exploiter named Charles Fol has taken credit and has made the 0day public by posting it to exploit databases.

When the exploit is executed on a targeted Joomla website, it allows hackers to register and then provides and grants administrative privileges to the newly registered account.

Screenshot of Joomla! 3.6.4 Admin TakeOver Exploit
Screenshot of Joomla! 3.6.4 Admin TakeOver Exploit

Hackers can use this exploit to not only deface their web page but can also download their whole database, hijack traffic or even root the servers by uploading a malicious shell.

Staff at Joomla have not publicly addressed the exploit yet and it is unknown as of yet whether or not a patch has been released in response to the vulnerability.

A similar exploit has existed for versions 3.4.4 to 3.6.4 of Joomla. A video was uploaded on the 8th of November, 2016 by the user “Macedonian Security Crew” and it shows a full Proof of Concept (PoC). The video demonstrates an in-depth analysis on the exploit in a 23 minute display and gives further information on how to execute the exploit onto vulnerable websites using Metasploit.

The security staff at Joomla need to be on high alert and keep an eye out on vulnerabilities and exploits like these so clients and users who implement the Joomla CMS on their websites don’t feel threatened by the risk posed by malicious hackers and exploits. The severity of this exploit alone has been major, posing a very high-security risk for those vulnerable. The staff at Joomla can take a page out of their competitor WordPress’s book.

Recently a couple of vulnerabilities were found in WordPress’s REST API, which we reported on a few days ago. The security team at WordPress dealt with the situation much better by immediately deploying a patch for those affected by the bugs.

The severity of that exploit in comparison to this one is almost the same. So whether or not Joomla staff are aware of the bugs, they need to take initiative and solve the problem at hand faster. We advise those who are affected to upgrade to the latest version of the CMS to avoid falling victim to this admin takeover exploit.

Tags: Joomla 3.6.4 ExploitJoomla Exploit
Alizaib Hassan

Alizaib Hassan

Writer and content creator at The Hack Post. My adamant love for blogging, web development and programming has made me realise that contributing what I know is not only educative but also fun. Discussing topics with others is what drove me to become an author and I love every single moment of it. Founder of www.azhblog.com

Next Post

openSUSE Hacked by Kurdish Hacker

Latest Articles

Image 1 of Why Multi-Flavor Disposable Vapes Become Popular Among German and Spanish Vapers
Business

Why Multi-Flavor Disposable Vapes Become Popular Among German and Spanish Vapers

July 7, 2026
Image 1 of How Real-Time Technology Enhances the Online Gaming Experience
Gaming

How Real-Time Technology Enhances the Online Gaming Experience

July 1, 2026
Image 1 of Here are ten ways to improve your personal security in crypto, from the basics everyone should follow to the steps that matter most if you’re a public investor, founder, or executive.
Cyber Security

10 Ways to Improve Your Personal Security in Crypto

June 28, 2026
Image 1 of Best Video Face Swap AI Tools in 2026: 8 Platforms Compared for Realistic Face Swapping
Business

Best Video Face Swap AI Tools in 2026: 8 Platforms Compared for Realistic Face Swapping

June 28, 2026
Insurance risk assessment concept with documents, charts, and coverage policy on a desk
Business

Eric Poe: Understanding Insurance Risk Assessment and Its Role in Fair Coverage

June 26, 2026
Wooden garden fence with lush greenery, showcasing popular garden fencing design and materials
Business

Key Considerations When Building Garden Fencing

June 25, 2026
Image 1 of Growing Smarter & Faster with Outsourced Accounting and HR Services
Business

Growing Smarter & Faster with Outsourced Accounting and HR Services

June 23, 2026
Image 1 of Site: http://thehackpost.com
Business

How Does Sustainability Management Improve Business Performance and Profitability?

June 22, 2026
Modern air conditioner and ceiling fan in a bright living room for effective summer cooling solutions
Featured

Cooling Solutions for a Refreshing Summer

June 21, 2026
TradeQuo platform interface showcasing crypto trading features and broker award recognition
Business

TradeQuo: What a Fast-Growing Crypto Broker Award Tells Traders About the Platform

June 17, 2026
Conceptual graphic illustrating data breach monitoring and exposure intelligence solutions for businesses
Cyber Security

HIBP Alternatives for Businesses: Moving From Breach Lookup to Exposure Intelligence

June 16, 2026
Modern gaming setup with dual monitors, ergonomic chair, LED lighting, and surround sound
Gaming

Tips for Creating a Gaming Setup for Optimal Immersion and Comfort

June 6, 2026
  • Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap

The Hack Post © 2019

No Result
View All Result
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health

The Hack Post © 2019